WO2005052793A2 - Outil de verification automatique du code d'ordinateur - Google Patents

Outil de verification automatique du code d'ordinateur Download PDF

Info

Publication number
WO2005052793A2
WO2005052793A2 PCT/US2004/036768 US2004036768W WO2005052793A2 WO 2005052793 A2 WO2005052793 A2 WO 2005052793A2 US 2004036768 W US2004036768 W US 2004036768W WO 2005052793 A2 WO2005052793 A2 WO 2005052793A2
Authority
WO
WIPO (PCT)
Prior art keywords
computer code
code
generated
expected
model
Prior art date
Application number
PCT/US2004/036768
Other languages
English (en)
Other versions
WO2005052793A3 (fr
Inventor
Milton E. Moskowitz
Wayne A. King
William F. Potter
Original Assignee
Honeywell International Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Honeywell International Inc. filed Critical Honeywell International Inc.
Priority to EP04800730A priority Critical patent/EP1685488A2/fr
Publication of WO2005052793A2 publication Critical patent/WO2005052793A2/fr
Publication of WO2005052793A3 publication Critical patent/WO2005052793A3/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/70Software maintenance or management
    • G06F8/71Version control; Configuration management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/36Preventing errors by testing or debugging software
    • G06F11/3604Software analysis for verifying properties of programs
    • G06F11/3608Software analysis for verifying properties of programs using formal methods, e.g. model checking, abstract interpretation

Definitions

  • This invention relates to the field of computer programming and more specifically to an automatic computer code review tool.
  • avionic control systems can be modeled by using the commercially available program SIMULINK, developed by MathWorks of Natick, Massachusetts, to model the system.
  • SIMULINK program which runs in conjunction with the mathematical analysis tool MATLAB, also developed by MathWorks, can be used to model and develop control systems, signal processing systems and the like .
  • the SIMULINK program a simulation and prototyping software. Models for simulating and analyzing real- world dynamic systems can be developed using the SIMULINK program's block diagram interface. In the SIMULINK program's block diagram interface, various blocks are used to represent input data, output data, functions that act on the data and the like. Additionally, specialized blocks and/or other tooling for specific applications can be developed or purchased from third party vendors.
  • REAL-TIME WORKSHOP program or the REAL-TIME WORKSHOP EMBEDDED CODER program, also produced by MathWorks, can be used to convert the model into computer code.
  • the REAL-TIME WORKSHOP program examines the model and determines what computer code needs to be generated to implant the model in software based on the different blocks used in the model.
  • the REAL-TIME WORKSHOP program then generates the computer code.
  • the computer code is typically ANSI compatible C code, although any computer code in any other programming languages such as Pascal, Cobol, Fortran and ADA, and the like can also be generated, depending on the capability of the code generator program and the needs of the user.
  • Models and computer code generated from the models have been used in the avionics area to develop, among other software, software for flight control systems.
  • DO-178B Software developed for use in the avionics area is preferably compliant with the guidance provided in DO-178B for satisfying FAA airworthiness requirements (note: outside the United States, guideline document ED12-B is used by the Joint Aviation Authority (JAA) and imposes similar requirements).
  • RTCA document DO-178B outlines various guidelines, regulations, and qualifying procedures with which those developing software in the aviation area must comply. For example, section 6.3 of DO-178B states that software developed for avionic applications should be reviewed and analyzed.
  • RTCA document DO-178B states that the generated computer code should be reviewed and/or analyzed to see if any errors were introduced in the generation of the source code.
  • a method for automatically reviewing the source code for a system where the source code is generated automatically from a model of the system is provided.
  • the model is read in and processed to determine the expected computer code based on the model.
  • the source code generated from the model is read in.
  • the generated source code is compared to the expected source code to determine if the generated source code includes all the elements of the expected source code.
  • the method may also include comparing each of the lines of code in the generated computer code to the expected form to verify the generated code is in the proper format.
  • the method also may include comparing the generated computer code to the expected computer code to determine if the generated computer code includes any line of code not in the expected computer code.
  • the method may also include comparing the generated computer code to the expected computer code to determine if the lines of the generated computer code are in a logical order.
  • the method may also include comparing a header information section of the generated computer code to an expected header information section to determine if the header information section of the generated computer code matches the expected header information.
  • a computer-readable storage medium containing a set of instructions for verifying a generated computer code for a system.
  • the instruction set may include code that reads in a model file; code that determines an expected computer code based on the model file; code that reads in a generated computer file generated from the model file; and code that compares the generated computer code to the expected computer code to determine if the generated computer code includes all the lines of the expected computer code.
  • a system for verifying the contents of a generated computer file is provided.
  • the generated computer file generated from a model of the system.
  • the system includes a processing means operable to compare the generated computer code with an expected computer code, the expected computer code determined by the processing means from the model.
  • the system also includes a display coupled to the processing means, the display displaying the results of the comparisons.
  • FIG. 1 is a block diagram of a system in accordance with the present invention.
  • FIG. 2 is a block diagram of a computer for implanting the present invention
  • FIGs. 3a-3b illustrate an example of the verification of code generated by a graphical model
  • FIG. 4 is a flowchart of an exemplary method of performing the present invention.
  • FIGs. 1-4 illustrate a method and system for verifying computer source code generated by an automatic code generating program from a model developed using a computer modeling tool.
  • an automatic code generator is MathWork's REAL-TIME WORKSHOP program, which generates source code from models developed using MathWork's MATLAB/SLMULLNK programs.
  • the discussion of these particular programs are for exemplary purposes only and the present invention can be used to verify computer code generated by any automatic code generator that generates code based on a model.
  • the present invention can be used to verify programming code generated in any programming language such as ADA, Fortran, C, Pascal and the like.
  • the discussion of the use of any particular programming language is for exemplary purposes only.
  • a code verification module 102 verifies generated computer code versus a model from which the code was generated to ensure at least that all expected lines of code from the model are in the generated code, that there are no extraneous lines of code that can not be attributed to part of the model, that the lines of the code are written in proper order and that the code is in proper form.
  • code verification module 102 receives, as input, a model_file 101 containing the simulation model of a system as produced by a model module 104.
  • Code verification module 102 also receives one or more code_files 103 as produced by an autocode generator module 106 using the model developed from model module 104.
  • the code verification module 102 checks the code in the code_file 103 as generated by the autocode generator module 106, as will be discussed in greater detail in conjunction with FIG. 4. An output 108 of the code verification module 102, which indicates whether the code has been successfully verified (or any relevant failure or warning messages), can then be displayed on a computer display 202, such as a computer monitor or other display device.
  • Code verification module 102 is, in one embodiment, software that compares generated computer code versus expected computer code to verify that no errors were introduced in generating the code.
  • Code verification module 102 is, in one embodiment, executed on a processor 206 residing in a computer 200.
  • Computer 200 and processor 206 can be any combination of a processor and computer capable of executing the code of the present invention.
  • processor 206 can be an INTEL processor, as manufactured by the Intel Corporation of Palo Alto, California, operating in a computer running the WINDOWS operating system, as sold by Microsoft Corp. of Redmond, Washington.
  • Other combinations of processors and operating systems can also be used with the present invention, such as executing code verification module on an embedded processor.
  • Model module 104 is used to develop the model of the system.
  • model module 104 is used to form block diagram representations of a system. All of the inputs, outputs and operators on the input and outputs are typically represented by a series of interconnected blocks. An example of such a model is shown in FIG. 3a.
  • the developed model is saved in a file, such as model_file 101, so that it can be used for both generation of computer code and the verification of that computer code.
  • SIMULINK is an example of a model module.
  • Autocode generator module 106 generates computer code from the model produced by model module 104. Autocode generator module 106 converts the blocks in the model to computer code and generates additional lines of code, such as those that declare variables needed for the program to properly execute.
  • the generated code is code_file 103.
  • Code_file 103 can be one or more files that collectively can be used to execute the generated program. An example of code_file 103 is illustrated in FIG. 3b. Real-Time Workshop, as discussed previously, is an example of an autocode generator module 106.
  • Code_file 103 and model_f ⁇ le 101 can be stored in a storage medium 210 that is accessible by the processor 206 executing the code verification module 102.
  • Storage medium 210 can be any device capable of retaining a copy of a computer file for future retrieval, such as a floppy disk drive, an optical drive, a hard drive, a flash memory module and the like.
  • storage medium 210 is located near processor 206, however, storage medium 210 can be located remotely from processor 206 and accessed via a computer network. Additional files that may be needed or produced by the present invention can also be stored in storage medium 210. These files include verification database 212 and the output file 108.
  • the verification database 212 can be one or more databases containing information needed by the verification module 102 such as the format of the expected code for each possible block in a model.
  • the output file 108 contains the results of the verification of the generated code that can be displayed on display 202 or any device capable of storing or displaying an output, such as a computer monitor, printer or storage device.
  • An exemplary model 300 is shown in FIG. 3a. Model 300 includes three inputs, inl 302, in2 304 and in3 306, which are algebraically summed in a sum block 308 to produce a first output 310. The algebraic sum of the three inputs is also multiplied in a product block 312 by a constant from constant block 314 to produce a second output 316.
  • the delay block 318 receives a value (in this embodiment, the first output 310) and holds that value for one time step.
  • the delay block 318 also has an initial condition (i.e.) associated with it.
  • the initial condition is the value the delay block 318 will input into the product block 312 during the first pass through the system. In the example of FIG. 3a, the initial condition is set at 5. Therefore, in this example, the results of the initial summation is held for one time step and then in the second time step, the results of the summation in sum block 308 in that time step it is the first output 310.
  • the second output 316 is the product of the first output 310 of the sum block 308 (first time step) multiplied by the constant 314.
  • the following table illustrates exemplary inputs and outputs of model 300:
  • the generated computer code 320 as seen in FIG. 3b consists of multiple lines of code 322.
  • the computer code 320 is generated from the model 300 of FIG. 3a.
  • the model 300 corresponds to the model_file 101 and the code of FIG. 3b corresponds to the code_file 103.
  • the computer code 320 can be divided up into different sections.
  • computer code 320 includes a header section 330, a block parameter section 332, a model step section 334, a model update section 336 and a model initialize section 338.
  • the header section 330 contains information about the program but no executable code.
  • the block parameter section 332 sets forth the values of different constants used in the computer code 320.
  • the model step section 334 contains all logical and algebraic algorithms within a model, as converted to computer code.
  • the model update section 336 stores a blocks current value for use in a next cycle, such as holding an output value for a delay step.
  • the model initialize section implements 338 a umt delay function.
  • model_file 101 as produced by the model module 104 is read by the code verification module 102 and parsed.
  • the individual components of the model stored in model_file 101 are analyzed.
  • the configuration of the blocks such as the number of inputs and outputs, the name and type of each block and specific information for each type of block is determined.
  • the model is traced though from each input to each output.
  • the type of data inputted and outputted is stored.
  • the sum block 308 has three inputs; inl 302, in2 304, and in3 306.
  • Sum block 308 receives inl 302 subtracts in2 304 from inl 302 and adds in3 306.
  • the sum block is of the form +-+, with respect to the inputs.
  • the configuration of sum block 308 is stored for future use.
  • the information in one embodiment, is stored in storage medium 210.
  • the code verification module 102 determines which of the block(s) in the model should have lines of codes associated with them.
  • blocks in a model that call for an action such as summation blocks, blocks that provide inputs and blocks that provide outputs would have code associated with them.
  • Other blocks in a model that merely serve to help organize a model or connect inputs and outputs in a model do not typically have codes associated with them.
  • Blocks that require code are known, in one embodiment, as non- virtual blocks and those that require code are known as virtual blocks.
  • the code verification module 102 then reads in the code_file 103, in step 406.
  • the code_file 103 is comprised of at least two separate files: a c-code file containing the generated lines of code 322 and an h-code file, not pictured, known as the header file, that contains information needed for the compilation/linking of the generated lines of code 322 into an executable or some other compiler/linker output.
  • the code associated with the individual blocks are labeled using a shorthand notation such as ⁇ S#> where the # is as Arabic number uniquely assigned to a given block or system.
  • the header file in this embodiment, includes a mapping of the shorthand notation to the name of the block. For example, ⁇ S1> might be associated with ⁇ SumBlock>. Turning to FIG. 3b, in the code 320 there is a sumblock line 340 with the notation ⁇ s4>. The header file in this embodiment would have a mapping that would associate ⁇ s4> with the full name of the block ⁇ sumblock>. In step 406, the shorthand notations are replaced by the full name in order to make the comparison of computer code lines easier.
  • the header file is parsed in step 408 to determine the declared order and name of the input and/or output of each block, each parameter of the model, and the state structure in the model.
  • the parsed header file is then compared against the model to ensure that the data type declared in the header file matches the data type used for each block in the model.
  • the code listing in the c-code file is reviewed.
  • the header information (or initial information in the code) of the computer code file is reviewed.
  • the header information is stored in header section 330, as seen in FIG. 3b.
  • the header information may include such information as a proprietary notice (such as "Company X Proprietary and Confidential"), the date and time the code was generated, etc.
  • the header information is typically contained within comment lines of the code and may not be executable lines.
  • the expected header information is compared to the actual header lines of code 322 to see if the information matches.
  • the expected header information can be stored in the verification database 212.
  • the expected header information is a copyright notice such as "Copyright (c) 1996-2004 X hitemational, Inc.” that information can be stored as the expected header information. Then, when the lines of code 322 are being reviewed, the lines of code 322 are compared to the expected header information to see if there is a match.
  • step 412 the block parameter values declared in the generated computer code are checked against the expected block parameters determined from the model to see if there is a match.
  • the parameter values are stored in the parameter section 324 of computer code 320.
  • the constant block 314 has a value of 3.14159.
  • the generated computer code is generated from the model, the value of the constant block should appear in the code 320.
  • constant line 342 defines the constant variable as having the value of 3.14159..
  • the generated computer code is checked to insure the declared value is assigned a value of 3.14159.
  • step 414 the code verification module 102 checks to determine if all lines of code 322 within the computer code 320 matches the expected form for that line (in embodiments that separate the code into a model step section 334 and a model initialize section 338 this step can first be done on the model step section 334 and then can be done on the model initialize section 338 in a later step). This comparison is done by using a case-sensitive string comparison of the computer code program line versus an expected form for the block or command stored, in one embodiment, in the verification database 212 or similar structure and accessible by the code verification module 102.
  • the verification database contains, for each possible command in the computer code, the proper, expected form of the command.
  • the expected form for a product block may be:
  • the present invention can determine if a command or statement contained within the computer code 320 matches the proper form as expected by analyzing the model_file 101. For example, if the code verification module 102 was analyzing the model of FIG. 3a where the summation block is, from the model and knowledge of the proper syntax for a summation block, the expected line of code that should be generated from that block is:
  • example_B.sum_l example_Ul.ini - example_U.in2 + example_U.in3;
  • the actual line of code from the generated code 320 in FIG. 3b is then compared to the expected line. In this case, the generated line of code matches the expected line of code and the line of code passes verification. If, however, the generated line was:
  • example_B.suml example_U.inl+example_U.in2 + example_U.in3;
  • step 416 proper block dependency is checked. As seen in FIG. 3a, the inputs 302, 304 and 306 must be summed before the result can be multiplied in the product block 316. In this step, the verification module 102 checks the generated computer code 320 to determine if the summation is done prior to finding the product. This verifies proper data flow and order dependency.
  • step 418 the generated code relating to the state of the program, if any, (in one embodiment code relating to the state of the system can be found in the model initialize section 338 and model update section 336) is checked to see if the expected lines of code were generated, and if the generated code matches the expected form of the code. If the expected code contains no states or updates, then these areas within the generated code may be verified to be blank or non-existent. That is, that there is no extraneous code. Alternatively, steps 416 and steps 418 may be combined as a single step.
  • step 420 it is determined if all blocks in the model 300 that were expected to generate code, did indeed generate code that appears in computer code 320.
  • the model of model_file 101 was first analyzed, the information regarding which blocks would generate code was saved.
  • the code_file 103 is then examined, it is determined if each of the blocks that were expected to generate lines of code actually generated lines of code. Also the generated code is checked to see if all the lines of code 322 in the computer code 320 can be attributed to the model 300 (i.e. no extraneous lines of code).
  • An optional step 422 may be performed to ensure that any code or files specific to a variant of the autocode generator module 106 is checked. Different variants of a code generator might produce different files or specific functions unique to that embodiment. This step allows any variation that can be expected to be checked.
  • the result of the check is then displayed to the user, in step 424.
  • This result can include a summary of any missing lines of code, any extra lines of code, any code that did not match the expected form, any code that did not have proper dependency and any other failure. If all lines within the code 320 pass, then an "All Pass" or similar message may be generated. That is to say, display to the user may be either positive, negative, or a combination.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Quality & Reliability (AREA)
  • Debugging And Monitoring (AREA)
  • Stored Programmes (AREA)

Abstract

La présente invention concerne un procédé permettant de vérifier automatiquement le code source d'un système lorsque ce code est produit automatiquement à partir d'un modèle du système. Dans un premier temps, on charge et traite le modèle pour déterminer, connaissant son modèle, le code d'ordinateur attendu. Il y a ensuite chargement du code source généré. Une comparaison de ce code avec le code source attendu permet de dire si le code source généré contient tous les éléments du code source attendu.
PCT/US2004/036768 2003-11-21 2004-11-04 Outil de verification automatique du code d'ordinateur WO2005052793A2 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
EP04800730A EP1685488A2 (fr) 2003-11-21 2004-11-04 Outil de verification automatique du code d'ordinateur

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US52393403P 2003-11-21 2003-11-21
US60/523,934 2003-11-21
US10/769,535 2004-01-30
US10/769,535 US20050114841A1 (en) 2003-11-21 2004-01-30 Automatic computer code review tool

Publications (2)

Publication Number Publication Date
WO2005052793A2 true WO2005052793A2 (fr) 2005-06-09
WO2005052793A3 WO2005052793A3 (fr) 2006-04-06

Family

ID=34595060

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2004/036768 WO2005052793A2 (fr) 2003-11-21 2004-11-04 Outil de verification automatique du code d'ordinateur

Country Status (3)

Country Link
US (1) US20050114841A1 (fr)
EP (1) EP1685488A2 (fr)
WO (1) WO2005052793A2 (fr)

Families Citing this family (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7509244B1 (en) * 2004-12-22 2009-03-24 The Mathworks, Inc. Distributed model compilation
US7904802B1 (en) * 2005-08-31 2011-03-08 Parasoft Corporation System and method for software code review
US8239850B2 (en) * 2007-12-14 2012-08-07 GM Global Technology Operations LLC Computer-implemented method of releasing battery state estimation software
US8341600B2 (en) * 2008-02-15 2012-12-25 Microsoft Corporation Tagging and logical grouping of items in source code change lists
US8423879B2 (en) * 2008-05-14 2013-04-16 Honeywell International Inc. Method and apparatus for test generation from hybrid diagrams with combined data flow and statechart notation
US8713528B1 (en) 2008-10-06 2014-04-29 The Mathworks, Inc. Verification of computer-executable code generated from a model
US8869103B2 (en) 2008-10-06 2014-10-21 The Mathworks, Inc. Using intermediate representations to verify computer-executable code generated from a model
US8856726B2 (en) 2009-09-14 2014-10-07 The Mathworks, Inc. Verification of computer-executable code generated from a slice of a model
US9098619B2 (en) 2010-04-19 2015-08-04 Honeywell International Inc. Method for automated error detection and verification of software
US8984488B2 (en) 2011-01-14 2015-03-17 Honeywell International Inc. Type and range propagation through data-flow models
US8627279B2 (en) 2011-02-07 2014-01-07 International Business Machines Corporation Distributed, non-intrusive code review in a development environment
US8984343B2 (en) 2011-02-14 2015-03-17 Honeywell International Inc. Error propagation in a system model
EP2718821B1 (fr) * 2011-06-07 2017-11-01 The MathWorks, Inc. Vérification d'un code pouvant être exécuté par ordinateur généré à partir d'un modèle
US8627280B2 (en) 2011-06-20 2014-01-07 Microsoft Corporation Multi-tenant collaborative review service
US8635598B2 (en) 2011-06-20 2014-01-21 Microsoft Corporation Automatic code decoration for code review
US9063672B2 (en) 2011-07-11 2015-06-23 Honeywell International Inc. Systems and methods for verifying model equivalence
US9027001B2 (en) 2012-07-10 2015-05-05 Honeywell International Inc. Systems and methods for verifying expression folding
US10885001B2 (en) 2013-01-17 2021-01-05 International Business Machines Corporation System and method for assigning data to columnar storage in an online transactional system
AT514731A2 (de) * 2013-09-13 2015-03-15 Fts Computertechnik Gmbh Verfahren zur Verifizierung generierter Software sowie Verifizierungseinrichtung zum Durchführen eines solchen Verfahrens
FR3021769B1 (fr) * 2014-05-27 2016-07-01 Thales Sa Dispositif et procede de generation d'au moins un fichier informatique pour la realisation d'une interface graphique d'un equipement electronique, et produit programme d'ordinateur associe
FR3024788B1 (fr) * 2014-08-01 2017-05-19 Sagem Defense Securite Procede de verification de tracabilite de premieres instructions en un langage de programmation procedurale generees a partir de secondes instructions en un langage de modelisation

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020104072A1 (en) * 2000-08-22 2002-08-01 Wolfgang Ecker Method, computer program product, programmed data medium, and computer system for revising a computer program written in a programming language
WO2002101544A2 (fr) * 2001-06-08 2002-12-19 The Secretary Of State For Defence Elaboration automatique de codes logiciels

Family Cites Families (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5583988A (en) * 1994-03-09 1996-12-10 National Instruments Corporation Method and apparatus for providing runtime checking features in a compiled programming development environment
US6016474A (en) * 1995-09-11 2000-01-18 Compaq Computer Corporation Tool and method for diagnosing and correcting errors in a computer program
US6993710B1 (en) * 1999-10-05 2006-01-31 Borland Software Corporation Method and system for displaying changes of source code
US6983446B2 (en) * 1999-10-05 2006-01-03 Borland Software Corporation Methods and systems for finding specific line of source code
US6993759B2 (en) * 1999-10-05 2006-01-31 Borland Software Corporation Diagrammatic control of software in a version control system
US6681383B1 (en) * 2000-04-04 2004-01-20 Sosy, Inc. Automatic software production system
US20020100022A1 (en) * 2000-05-08 2002-07-25 Holzmann Gerard J. Method and apparatus for automatic verification of properties of a concurrent software system
US7069547B2 (en) * 2001-10-30 2006-06-27 International Business Machines Corporation Method, system, and program for utilizing impact analysis metadata of program statements in a development environment
US20040111702A1 (en) * 2002-12-10 2004-06-10 Chan Kin Ming Method and apparatus for visual programming

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020104072A1 (en) * 2000-08-22 2002-08-01 Wolfgang Ecker Method, computer program product, programmed data medium, and computer system for revising a computer program written in a programming language
WO2002101544A2 (fr) * 2001-06-08 2002-12-19 The Secretary Of State For Defence Elaboration automatique de codes logiciels

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
MALEPATI V ET AL: "Verification and validation of high integrity software generated by automatic code generators" SYSTEMS, MAN, AND CYBERNETICS, 1998. 1998 IEEE INTERNATIONAL CONFERENCE ON SAN DIEGO, CA, USA 11-14 OCT. 1998, NEW YORK, NY, USA,IEEE, US, vol. 3, 11 October 1998 (1998-10-11), pages 3004-3009, XP010310686 ISBN: 0-7803-4778-1 *
TOEPPE S ET AL: "Practical Validation of Model Based Code Generation for Automotive Applications" DIGITAL AVIONICS SYSTEMS CONFERENCE, 1999. PROCEEDINGS. 18TH ST LOUIS, MO, USA 24-29 OCT. 1999, PISCATAWAY, NJ, USA,IEEE, US, vol. B.5/12 pp. vol.2, 24 October 1999 (1999-10-24), pages 3-1-3-14, XP010366385 ISBN: 0-7803-5749-3 *
VESTAL S: "Assuring the correctness of automatically generated software" DIGITAL AVIONICS SYSTEMS CONFERENCE, 1994. 13TH DASC., AIAA/IEEE PHOENIX, AZ, USA 30 OCT.-3 NOV. 1994, NEW YORK, NY, USA,IEEE, 30 October 1994 (1994-10-30), pages 111-118, XP010127150 ISBN: 0-7803-2425-0 *

Also Published As

Publication number Publication date
US20050114841A1 (en) 2005-05-26
EP1685488A2 (fr) 2006-08-02
WO2005052793A3 (fr) 2006-04-06

Similar Documents

Publication Publication Date Title
EP1685488A2 (fr) Outil de verification automatique du code d'ordinateur
US5361357A (en) Method and apparatus for optimizing computer file compilation
Byrne Software reverse engineering: a case study
US20020157084A1 (en) Method and system for displaying translation information
US20080276221A1 (en) Method and apparatus for relations planning and validation
US7237223B2 (en) Apparatus and method for real-time caution and warning and system health management
US6829759B1 (en) System and method for generating a translation display
JPH0869380A (ja) ソースプログラムチェック装置
Leonard et al. Program synthesis from formal requirements specifications using APTS
Kastens Attribute grammars in a compiler construction environment
Akers et al. Re-engineering C++ component models via automatic program transformation
Hopwood Decompilation.
Lieberherr et al. Tools for preventive software maintenance
Khoroshilov et al. Integrating aadl-based tool chain into existing industrial processes
Jiang et al. Generation of C++ Code from Isabelle/HOL Specification
EP2718821B1 (fr) Vérification d'un code pouvant être exécuté par ordinateur généré à partir d'un modèle
Blazy et al. SFAC, a tool for program comprehension by specialization
Bjørner Project Graphs and meta-programs towards a theory of Software development
White et al. The development of a rapid prototyping environment
Vestal Assuring the correctness of automatically generated software
Iglewski et al. Editor for the Trace Assertion Method
Adedjouma et al. Model-based computer-aided monitoring for ISO26262 compliant systems
Mishchenko et al. New functionalities of the system for processing natural language specifications and its operating environment
Philip et al. Estimation and Generation of Software Architectural Specification to Handle Variation Points
Dandekar A procedural approach to the evaluation of software development methodologies

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 2004800730

Country of ref document: EP

AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): BW GH GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LU MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase

Ref country code: DE

WWW Wipo information: withdrawn in national office

Country of ref document: DE

WWP Wipo information: published in national office

Ref document number: 2004800730

Country of ref document: EP